Google thinks is a Malware Server

Written by James McDonald

December 2, 2009

Update: appears to be clean now the .cn server script includes are gone and Google is no longer warning you off when you go there.

Just tried to visit and I get this in Google Chrome:

I went to and it appears 2hd are running Windows 2003 and IIS6.0. A recent article on the Sydney Morning Herald site describes something similar (A site serving malware from Chinese *.cn servers) happening to JB Hi-Fi and JB appears to be running FreeBSD and Apache 1.3.x. So OS isn’t a factor in this particular hack.

The JB Hi-Fi malware problem was reported to be due to a third party ad server being compromised and then the JB servers unwittingly serving links to the bogus ads. So I wouldn’t be suprised if has something similar happening. Of course this is an assumption.

To use a phrase from Meet the Fockers. No matter how secure your own server/s may be, you still need to make sure the servers in your “circle of trust” can be trusted also.

I remember a friend who worked for an Internet Serving company used to spend several hours a day combing through logs looking for suspicious activity. Looks like that sort of methodical inspection is required to stay ahead of potential security problems.


Submit a Comment

Your email address will not be published.

You May Also Like…


Zebra Printer Language The above website has a page where you can enter ZPL and it...

PHP Iterators

Just came across a Youtube talk "Iterators in PHP" by Jake Smith published in 2014 that steps through the many...

PHP array_map Multiple Arrays

array_map can take multiple arrays. I like how it starts mapping through them starting at the first element of each...